//package com.springboot.springbootlogindemo.config;
//
//
//import com.auth0.jwt.interfaces.Claim;
//import com.springboot.springbootlogindemo.utils.JwtUtil;
//import lombok.extern.slf4j.Slf4j;
//import javax.servlet.*;
//import javax.servlet.annotation.WebFilter;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import java.io.IOException;
//import java.util.Map;
//
///**
// * JWT过滤器，拦截 /secure的请求
// */
//@Slf4j
//@WebFilter(filterName = "JwtFilter", urlPatterns = "/secure/*")
//
////@WebFilter 注解标记了这是一个过滤器，它指定了过滤器的名称和需要拦截的 URL 模式
//
//public class JwtFilter implements Filter
//{
//    @Override
//    public void init(FilterConfig filterConfig) throws ServletException {
//    }
//
//    @Override
//    //doFilter 方法是过滤器的主要逻辑。它首先获取请求的 HttpServletRequest 和 HttpServletResponse 对象。
//    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
//        final HttpServletRequest request = (HttpServletRequest) req;
//        final HttpServletResponse response = (HttpServletResponse) res;
//
//        response.setCharacterEncoding("UTF-8");
//
//        //获取 header里的token
//        final String token = request.getHeader("authorization");
//
//        //首先判断请求的方法是否为 OPTIONS，如果是的话，表示是预检请求（CORS），直接放行。
//        if ("OPTIONS".equals(request.getMethod())) {
//            response.setStatus(HttpServletResponse.SC_OK);
//            chain.doFilter(request, response);
//        }
//        // Except OPTIONS, other request should be checked by JWT
//        else {
//
//            if (token == null) {
//                response.getWriter().write("没有token！您还未登录！");
//                return;
//            }
//
//            Map<String, Claim> userData = JwtUtil.verifyToken(token);
//            if (userData == null) {
//                response.getWriter().write("token不合法！");
//                return;
//            }
//            Integer id = userData.get("uid").asInt();
//            String userName = userData.get("uname").asString();
//            String password= userData.get("password").asString();
//            String telephone=userData.get("telephone").asString();
//            //拦截器 拿到用户信息，放到request中
//            request.setAttribute("uid", id);
//            request.setAttribute("uname", userName);
//            request.setAttribute("password", password);
//            request.setAttribute("telephone",telephone);
//
//            //通过 chain.doFilter(req, res) 继续执行后续的过滤器链或请求处理。
//            chain.doFilter(req, res);
//        }
//    }
//
//    @Override
//    public void destroy() {
//    }
//
//
//    public static void main(String args[]){
//
//    }
//}


package com.springboot.springbootlogindemo.config;

import com.auth0.jwt.interfaces.Claim;
import com.springboot.springbootlogindemo.utils.JwtUtil;
import lombok.extern.slf4j.Slf4j;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Map;

@Slf4j
@WebFilter(filterName = "JwtFilter", urlPatterns = "/*")
public class JwtFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        response.setCharacterEncoding("UTF-8");

        String token = request.getHeader("authorization");

        if ("OPTIONS".equals(request.getMethod())) {
            response.setStatus(HttpServletResponse.SC_OK);
            filterChain.doFilter(request, response);
        } else {
            String requestURI = request.getRequestURI();
            if (requestURI.contains("secure")) {
                if (token == null) {
                    response.getWriter().write("没有token！您还未登录！");
                    return;
                }

                Map<String, Claim> userData = JwtUtil.verifyToken(token);
                if (userData == null) {
                    response.getWriter().write("token不合法！");
                    return;
                }

                Integer id = userData.get("uid").asInt();
                String userName = userData.get("uname").asString();
                String password = userData.get("password").asString();
                String telephone = userData.get("telephone").asString();

                request.setAttribute("uid", id);
                request.setAttribute("uname", userName);
                request.setAttribute("password", password);
                request.setAttribute("telephone", telephone);
            }

            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    @Override
    public void destroy() {
    }
}
